Configurable electronic messaging system that maintains recipient privacy

ABSTRACT

A messaging service allows message senders to reach a web site owner in the way the owner wants. Users authorized by the owner drop a message into the message service of a site owner, and it gets delivered to the site owner in exactly the manner specified by the site owner. The site owner can organize incoming messages by time, calendar, user, viewing method, etc. The site owner can receive messages in the way she wants, but all her friends need to know is one address, the owner&#39;s site address.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims the benefit of, pursuant to 35 U.S.C.119(e), U.S. Provisional Patent Application No. 61/534,201, filed onSep. 13, 2011, the content of which is incorporated herein by reference.

FIELD OF THE INVENTION

This application relates to electronic messaging systems, and moreparticularly to configurable electronic messaging systems that maintainrecipient privacy.

BACKGROUND OF THE INVENTION

Unified messaging systems are well known. These systems redirectincoming electronic messages from a user's many message boxes, e.g.,email, voicemail, fax, to one ‘unified’ inbox. The systems are designedto improve efficiency for recipients by allowing them to monitor asingle inbox for electronic messages of many different types. Typically,these systems are used in large corporations that have sophisticatedemail servers on which all electronic messages can be directed into asingle inbox, most often and email address. While these systems havesome utility in an integrated corporate environment they are not truly‘unified’ because they are not designed to handle all the types ofmessages, e.g., text messages, used in modern business.

Also known, in corporate email servers and otherwise, is the ability toroute incoming messages from a single published message address tomultiple other message boxes according to automatic rules that can bedesigned and implemented by the published address owner. Although theowner of such a published message address can receive messages in theway he wants (preferred box and format), he cannot control use of hispublished address, which may be sold to spammers. A further problem isthat the published address is often the username for other Internetcomputing resources. In addition, if the recipient changes her messagingaddress, for reasons of security or otherwise, she must communicate thechange to all senders, each of whom must continually update theiraddress books in an ongoing burden.

What is desired in another respect, therefore, is a system, which keepsmessage addresses private but still allows incoming messages to berouted to one of several electronic inboxes as desired by therecipient/owner. Also desired is the ability to route incoming messagesto a private address to an electronic box of a different messagingformat, and the ability to limit incoming messages to an approved senderlist. The ability to route the messages according to a matrix ofparameters such as sender, time, date, etc. is also desirable.

SUMMARY OF THE INVENTION

Accordingly, it is an object of the invention to provide a messagingsystem, which keeps message addresses private but still allows incomingmessages to be routed to one of several electronic inboxes as desired bythe recipient/owner.

Another object of the invention is to provide a messaging system thathas the ability to route incoming messages to a private address to anelectronic box of a different messaging format, and the ability to limitincoming messages to an approved sender list.

Another object of the invention is to provide a messaging system withthe ability to route messages according to a matrix of parameters, suchas sender, time, date, etc.

These and other objects of the present invention are achieved byprovision of a messaging service that allows message senders to reach aweb site owner in the way the owner wants. Users authorized by the ownerdrop a message into the message service of a site owner, and it getsdelivered to the site owner in exactly the manner specified by the siteowner. The site owner can organize incoming messages by time, calendar,user, viewing method, etc. The site owner can receive messages in theway she wants, but all her friends need to know is one address, theowner's site address.

With the system of the present invention, each owner is provided with amessaging service inbox that the owner can chose to associate with hispersonal site. The messaging service has some unique characteristicsthat put the owner in control of her incoming electronic messages andpreserve her privacy in the process. The messaging service inbox of thepresent invention differs from other electronic messaging systems inseveral important ways. First, recipients have no address so there isnothing to be harvested or spammed and the owner is free to change hiselectronic inboxes at any time without any disruption in messagedelivery or burden on senders to update their address books. Second,only senders authorized by the owner have access to the owner'smessaging service inbox. This means messages from any particular personcan be permanently blocked by the recipient/owner at any time.

By employing the system of the present invention, users do not need toremember which cell phone number the site owner is currently using,which email address is still valid, where to find those photos from thesite owner's last outing, or how to subscribe to the site owner'sTwitter feed. Everything is right in one place and users have access toit all on an owner's site. Once users navigate to an owner's site, theyhave instant access to the site owner in the manner that the ownerdesires.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a configurable web server systemaccording to the invention;

FIG. 1A is a block diagram illustrating in more detail a portion of theconfigurable web server system of FIG. 1;

FIG. 2 is an illustration of an example web page served by theconfigurable web server system of FIG. 1;

FIG. 3 is an illustration of an example web page served by theconfigurable web server system of FIG. 1;

FIG. 4 is an illustration of an example web page served by theconfigurable web server system of FIG. 1; and

FIG. 5 is a block diagram illustrating messaging system in accordancewith the present invention, which may be used in conjunction with theconfigurable web server system of FIG. 1 or independently thereof.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 1 depicts structures and operations pertaining to a configurablewebsite and system with access control and social network features inaccordance with the invention.

A configurable website according to the invention enables an owner toprovide a user with access to the functionality of other websites. Theauthority to access this functionality is supplied on a per-functionbasis. For example, a user can be granted the use of certain functionsof a particular website, but not to others, such as being granted theability to read content on the website, but not to modify it. Or theability to modify text on the website, but not images. Furthermore, theuser can be granted different degrees of authority over thefunctionality of several websites. For instance, the user could begranted access only to read content on website A, but be granted accessto modify as well as read content on website B, and so forth.Optionally, many users can access the configurable website, each beinggranted specific authority to access functionality on other websites.Furthermore, the configurable website itself can include functions andcontent to which specific access can be granted to users in the sameway. These functions may be individual to the configuration webpage, ormay be an aggregate of the functionality and content of the otherwebpages. These examples are not intended to be limiting, and it will beclear to those having skill in the art that many combinations offunctionality authorizations are possible without departing from thespirit of the invention.

To this effect, a configurable web server 100 is provided connected to anetwork 102. Web server 100 has access to various function modules 106over network 102, at least one of which function modules may includewebsite data sets 104.

The configurable web server 100 may be a traditional web server or anyother hardware and/or software for serving a website to visitors, with amore detailed view of a preferred embodiment of the web server 100 beingshown in FIG. 1A. The network 102 may be the internet, a subset of theinternet, a local area network, wide area network, wireless network,cloud, or other arrangement for computer communications. Website datasets 104 can relate to any type of website, including social networkingwebsites that provide a homepage, blog, comment posting, syndication, orother such functionality to the owner, and may require authenticationfor access to all or part of their content. Website data sets 104 mayrelate to websites requiring authentication for use on a per-functionbasis however, in which case, website data sets 104 may include datarelating to a secondary authentication to an Internet computingresource.

Web server 100 can be used to generate a configurable website (notshown) for use as an interface, whereby an owner can aggregate contentfrom website data sets 104, and can control access to websites on aper-user and per-function basis. In this regard, web server 100 can beviewed as having a site setup portion 140 and a site serving portion142.

Function modules 106 can be accessed by the owner for incorporation intothe configurable website, and can include various basic functionalityfor running a website, including applets, scripts, templates, stylesheets, and the like. Function modules 106 may be provided on the webserver 100, or be provisionable from third parties 148 that hostingthird party websites 146 that may be made available to the system 100over network 102. The third party websites 146 may also be directlyaccessed by the webpage owners using user setup hardware 108 in theusual way of employing account owner access 150.

Example function modules 106 can include website data sets 104 which mayinclude a secondary authentication 144 to a computing resource, such asa third party website 146, such as a web server hosting a social mediasite (not shown). Further example function modules 106 can include anapplication programming interface (“API”), which may be used to retrieveand display data, change data, or supplement data. The API can be aconfigurable web server API 152 provided to a third party 148 formodification, or can be entirely created by the third party 148, beforebeing uploaded to the web server 100 as a third party API 154. Functionmodules 106 may be generated by a third party (as shown in FIG. 1A) andmay provide access on the configurable website to third party data. Asanother example, function modules may simply comprise data itself. Forexample, individual pieces of art and blog posts may be tagged withpermissions instead of subjects when they are uploaded. In this manner,new art only shows up in the appropriate collection(s) and blog postsare only viewable by the intended user/group.

User setup hardware 108 is also connected to network 102 and isaccessible to the owner. Using the user setup hardware 108, the ownercan transmit account setup or site revision data 110, a selection offunctions 112 to be enabled on the configurable website, access control114 for functions enabled on the configurable website, and optionally,status updates 116, to system 100.

User setup hardware 108 can be a computer, laptop, mobile device,smartphone, or other device for accessing a web server. Account setup orsite revision data 110 may include information for running theconfigurable website, including owner personal information, passwordsand multifactor authentications to access the configurable website,correspondence information such as e-mail addresses, informationpertaining to the desired display of the configurable website, and URLsfor the various websites that can be managed using the system 100.

Account setup data 110 may include authentications which serve as accesscredentials for other website data sets 104 in addition to theconfigurable website. Access credentials can include passwords,multifactors, tokens, or other ways of controlling access to eachwebsite. Optionally, a permitted user list (not shown) is associatedwith the configurable website, website data sets 104, and/or functionmodules 106.

Optionally, website date sets 104 relate to social networking websites(not shown). Social networking websites may include but are not limitedto websites for creating and connecting public, private, and semi-publicuser profiles, online communities, blogs, news feeds, audio and videosharing, and web syndication websites. Such websites are frequentlyclosed-silo communities where only third party users having an accounton that particular website would be able to view or interact withcontent belonging to an owner of a profile. The present inventionprovides the advantage of supplying access to an owner's informationthat is stored in such closed-silo communities, without requiring thirdparty users to first obtain an account of their own.

Functions 112 can include a selection of functions 106 enabled for theconfigurable website. For instance, the owner can choose to enablecontent posting on the configurable website itself. Access control 114is also specified for the functions enabled on the configurable website,i.e., who can access each function. Optionally, status updates 116 tothe configurable website can be transmitted to system 100 from the usersetup hardware 108 if this functionality has been selected. This varioussite data 156, including the function selection and access control date158, specified by the owner may be stored in a a database or othermemory accessible to the web server 100.

To access the configurable website (not shown), user access hardware 120is accessible to either the owner or to third party users of theconfigurable website and is connected to network 102. User accesshardware 120 can be a computer, laptop, mobile device, smartphone, orother device for accessing a webpage, and optionally, can be the samehardware used as the user setup hardware 108. The user first transmitsan authentication 122 from the user access hardware 120 to the system100. Authentication 122 may be a password, multifactor authorization,hardware token, or other way of controlling access to the configurablewebsite. System 100 responds by transmitting accessible website data124, regarding websites with functions that are accessible to that user.If the user is the owner or another user with proper authorization,accessible website data 124 can also include data regarding theconfigurable website itself. Subsequently, the user can select a websitefrom amongst the accessible website data 124, and transmit websiteselection 128 from user access hardware 120 to system 100. System 100then responds by transmitting accessible function data 130 to userregarding functions that are accessible to that user for the selectedaccessible website. The user can then select a function, and transmitfunction selection 132 from user access hardware 120 to system 100.

User setup hardware 108 and/or user access hardware 120 may optionallyinclude a touch screen 136 to facilitate user input, and/or mayoptionally include a wireless transceiver 138 to enable wirelesscommunication.

Accessible website data 124, accessible function data 130, and selectedfunction 134 will typically be transmitted to the user access hardware120 from system 100 as a webpage, for display to the user on a GUI (notshown), as further discussed below. The GUI may be a combination of adisplay and driver software. Optionally, the accessible website data 124and accessible function data 130 are presented to the user as thumbnailimages (not shown) within a webpage. Thumbnail images may be aminiaturized image of the webpage or function they represent, or may bea different image.

FIG. 2 illustrates an example display 200. Display 200 is an example ofa page of the configurable website, which displays a selection ofwebsites to which the user has been granted access via the configurablewebsite. These websites may be represented by thumbnail images 206.Display 200 may have a title bar 202 which displays a title 204. If theuser is the owner, or has been granted an appropriate level ofauthority, a thumbnail 208 representing the configurable website itselfmay also be displayed.

Optionally, display 200 is displayed on user access hardware 120 andreflects accessible website data 124 transmitted from system 100, asshown and described with respect to FIG. 1. In some embodiments, theuser can choose a thumbnail 206, 208 using a mouse cursor or othersuitable selection means (not shown). A website selection 128 reflectingthis choice is then transmitted as shown and described with respect toFIG. 1.

FIG. 3 illustrates an example display 300. Display 300 may have a titlebar 302 which displays a title 304. Display 300 displays thumbnailimages 306 representing various website functions to which the user hasbeen granted access by the owner of the configurable website, pertainingto a website chosen from display 200 (FIG. 2). A website selection bar308 displays thumbnail images 206 as described with respect to FIG. 2.If the user is the owner, or has been granted an appropriate level ofauthority, a thumbnail 208 representing the configurable website itselfmay be displayed in website selection bar 308, or in title bar 302. Achosen website indicator 310 displays a thumbnail image of the currentlychosen website, whose accessible functions are shown by thumbnail images306.

Optionally, display 300 is displayed on user access hardware 120 andreflects accessible function data 130 transmitted from system 100, asshown and described with respect to FIG. 1. In some embodiments, theuser can choose a thumbnail image 306 using a mouse cursor or othersuitable selection means (not shown). A function selection 132reflecting this choice is then transmitted as shown and described withrespect to FIG. 1. Optionally, the user can also choose a thumbnail 308,208 to view accessible functions for a different website (not shown). Awebsite selection 128 reflecting this choice is transmitted as shown anddescribed with respect to FIG. 1.

FIG. 4 illustrates a display 400 according to an embodiment of theinvention. Display 400 may have a title bar 402 which displays a title404. Display 400 displays and provides access to a function 406 to whichthe user has been granted access by the owner of the configurablewebsite. The function 406 may have been chosen from display 300 (FIG.3). The user may interact with function 406 via display 400. Forexample, the user may edit text data if function 406 provides thiscapability.

Function selection bar 408 displays thumbnail images 306 as describedwith respect to FIG. 3. Chosen function indicator 410 displays athumbnail image of the currently chosen function 406. Website selectionbar 308 displays thumbnail images 206 as described with respect to FIG.2. If the user is the owner, or has been granted an appropriate level ofauthority, a thumbnail 208 representing the configurable website itselfmay be displayed in website selection bar 308, or in title bar 402.Chosen website indicator 310 displays a thumbnail image of the websitewhose accessible functions are shown by thumbnail images 306.

Thumbnail images 306 representing various website functions to which theuser has been granted access by the owner of the configurable website,pertaining to a website chosen from display 200 (FIG. 2).

Display 400 can be displayed on user access hardware 120 and reflectsaccessible function data 130 transmitted from system 100, as shown anddescribed with respect to FIG. 1. In some embodiments, the user canchoose a thumbnail image 306 using a mouse cursor or other suitableselection means (not shown). A function selection 132 reflecting thischoice is then transmitted as shown and described with respect to FIG.1.

The user may also choose a thumbnail 308, 208 to view accessiblefunctions for a different website (not shown) or chose a thumbnail 408to access a different function A website selection 128 reflecting thischoice is transmitted as shown and described with respect to FIG. 1.

FIG. 5 depicts structures and operations pertaining to a messagingsystem in accordance with another aspect of the present invention, whichmay be used in conjunction with the configurable web server system ofFIG. 1 or independently thereof.

The system includes a message server 500 connected to a network 502.Message server 500 may be a traditional mail server, web server or anyother hardware and/or software for serving messages. The network 502 maybe the Internet, a subset of the Internet, a local area network, widearea network, wireless network, cloud, or other arrangement for computercommunications.

Message recipient hardware 504 is also connected to network 502 and isin communication with the message server 500. Message recipient hardware504 can be a computer, laptop, mobile device, smartphone, or otherdevice for communicating with a message server, and can be the samehardware as user setup hardware 108 described above when the messagingsystem is used in conjunction with the configurable website systemdescribed above, or can be separate therefrom. Message recipienthardware 504 is also be used to access one or more recipient electronicmailboxes 506 ¹-506 ^(n), each of which may be configured in any knownor yet to be developed messaging format.

Message sender hardware 508 is also connected to network 502 and is incommunication with the message server 500. Message sender hardware 508can be a computer, laptop, mobile device, smartphone, or other devicefor communicating with a message server, and can be the same hardware asuser access hardware 120 described above when the messaging system isused in conjunction with the configurable website system describedabove, or can be separate therefrom. Message sender hardware 508 ispreferably configured to be able to read and manipulate web pages, asdescribed in more detail below.

Initially, the message recipient uses message recipient hardware 504 toconfigure his messaging account by supplying account setup message data510 to message server 500. This message data may include a name or namesassociated with the message recipient, a list of one or more secondaryelectronic mailboxes to which the message recipient has access, anaccess list of senders authorized to send messages to the messagerecipient, and messaging routing rules. The message routing rules may bedependent, for example, upon parameters such as message sender (e.g.,all messages from Sender A should be routed to Box 2), time of day(e.g., all messages received after 5:00 pm should be routed to Boxes 1and 3), days of the week (e.g., all messages received on Saturdaysshould be routed to Box 3), particular dates (e.g., all messagesreceived from Jan. 1, 2011-Jan. 8, 2011 should be routed to Boxes 1 and2), etc. The rules may also comprise a matrix dependent upon two or moreparameters (e.g., all messages received from Sender B after 10:00 pmshould be routed to Box 2). Upon receipt of account setup message data510, or changes thereto, by message server 500, message server may storethe message data in a database 512 or other memory. Furthermore, therules may specify one or more particular formats in which the recipientdesires to receive messages for each of her electronic mailboxes.

When a message sender desires to send a message to a message recipientusing the system of the present invention, the message sender may usemessage sender hardware 508 to supply an authentication 514 to messageserver 500. In response, the message server 500 may, based upon theauthentication 514 and the message data stored in database 512, transmitto message sender hardware 508 a list of permitted names 516 to whom themessage sender is authorized to send messages. The message sender maythen select a recipient name from the list and transmit the selectedrecipient name 518 to the message server 500.

Alternately, the transmission of the list of permitted names 516 may beomitted, and the message sender hardware 508 may be used to transmitboth the authentication 514 and the recipient name 518 without the listof permitted 516 names being provided. In this case, the message server500 may analyze the authentication 514 and the recipient name 518against the message data stored in database 512 in order to determinewhether the message sender is authorized to send messages to theidentified message recipient.

This may be the case, for example, when each message recipient has hisown personal web page, similar to that described above in connectionwith the configurable website system shown in FIG. 1, such that themessage sender may simply choose a “send message” function from therecipient's web page (it being the case that if the “send message”function is available for selection, the would-be message sender wouldhave been authorized to send messages).

In any event, is it preferred that the message is received from themessage sender via a non-public electronic mailbox address. Morespecifically, it is highly desirable that the manner in which themessage is received from the message sender be strictly limited only toauthorized message senders, and that the addresses for the secondaryelectronic mailboxes to which the message recipient has access, be keptprivate so as to prevent spammers from being able to obtain access tothe electronic mailboxes of the message recipient.

Once the recipient name has been received, the message server mayoptionally transmit to message sender hardware 508 a description of anyrestrictions 520 placed on the message sender by the message recipient,as contained in the message data stored in database 512. The messagesender hardware may then be used to create and transmit a message 522 tothe message server 500. In one embodiment, the message server 500 mayserve a web page to message sender hardware 508 with message creationand transmission functionality, thereby allowing messages to be send byany message sender hardware 508 capable of viewing and manipulating webpages.

Once the message 522 is received by the message server 500, the messageserver 500 examines the parameters surrounding receipt of the message522 in view of the message data stored in database 512. Message reformatsoftware 524 may optionally be provided for translating the message 522into a desired format specified in the message data stored in database512, if necessary. Message router software 526 then determines, basedupon the parameters surrounding receipt of the message 522, the messagedata stored in database 512 (particularly, the rules and secondarymailbox information) and any necessary extrinsic information, such astime, date, etc. to which electronic mailbox or mailboxes the messageshould be routed, before routing the message 528 to the appropriateelectronic mailbox or mailboxes.

By employing the messaging system described above, message addresses arekept private, but incoming messages are still allowed to be routed toone of several electronic inboxes as desired by the recipient/owner.Also provided is the ability to route incoming messages to a privateaddress to an electronic box of a different messaging format, and theability to limit incoming messages to an approved sender list. Theability to route the messages according to a matrix of parameters suchas sender, time, date, etc. is also provided.

Although the invention has been described with reference to a particulararrangement of parts, features and the like, these are not intended toexhaust all possible arrangements or features, and many modificationsand variations will be ascertainable to those of skill in the art.

1. An electronic messaging system comprising: a message server availableover a network; message data accessible by said message server, saidmessage data comprising at least one name associated with a messagerecipient, a list of at least one electronic mailbox to which themessage recipient has access, an access list of senders authorized tosend messages to the message recipient, and messaging routing rules;software executing on said message server for receiving from a messagesender over the network an authentication and a recipient identifier;software executing on said message server for determining, based atleast in part upon the message data, the authentication and therecipient identifier whether the message sender is authorized to send amessage to the message recipient; software executing on said messageserver for, if the message sender is authorized to send a message to themessage recipient, receiving a message from the message sender over thenetwork; software executing on said message server for determining,based at least in part upon the message data, the authentication and therecipient identifier, to which of one or more of the at least oneelectronic mailbox to route the message; and software executing on saidmessage server for routing the message to the determined one or more ofthe at least one electronic mailbox over the network.
 2. The electronicmessaging system of claim 1 wherein software executing on said messageserver: receives the authentication over the network; determines, basedat least in part upon the message data and the authentication, a list ofpermitted recipient identifiers to which the message sender isauthorized to send messages; transmits the list of permitted recipientnames to which the message sender is authorized to send messages overthe network; and receives a selection of the recipient name from themessage sender over the network.
 3. The electronic messaging system ofclaim 1 wherein software executing on said message server: determines,if the message sender is authorized to send a message to the messagerecipient, whether there are any restrictions on the message senderbased at least in part upon the message data, the authentication, andthe recipient identifier; and transmits a list of restrictions to themessage sender over the network.
 4. The electronic messaging system ofclaim 1 wherein network is the Internet.
 5. The electronic messagingsystem of claim 1 wherein the network comprises one or more of thefollowing: a subset of the Internet, a local area network, a wide areanetwork, a wireless network, and a cloud.
 6. The electronic messagingsystem of claim 1 further comprising message recipient hardwareconnected to the network and in communication with said message server.7. The electronic messaging system of claim 6 wherein the messagerecipient hardware comprises one or more of the following: a computer, alaptop, a mobile device and a smartphone.
 8. The electronic messagingsystem of claim 7 wherein the message recipient hardware can be used toaccess at least one electronic mailbox.
 9. The electronic messagingsystem of claim 1 further comprising message sender hardware connectedto the network and in communication with said message server.
 10. Theelectronic messaging system of claim 9 wherein the message senderhardware comprises one or more of the following: a computer, a laptop, amobile device and a smartphone.
 11. The electronic messaging system ofclaim 10 wherein the message sender hardware can be used to access andmanipulate web pages.
 12. The electronic messaging system of claim 1wherein the message routing rules are dependent upon a message senderidentity.
 13. The electronic messaging system of claim 1 wherein themessage routing rules are dependent upon a time of day.
 14. Theelectronic messaging system of claim 1 wherein the message routing rulesare dependent upon a day of the week.
 15. The electronic messagingsystem of claim 1 wherein the message routing rules are dependent upon aparticular date.
 16. The electronic messaging system of claim 1 whereinthe message routing rules comprise a matrix dependent upon two or moreof the following parameters: a message sender identity, a time of day, aday of the week and a particular date.
 17. The electronic messagingsystem of claim 1 wherein the message routing rules specify one or moreformats in which the recipient desires to receive messages for each ofthe at least one electronic mailbox.
 18. The electronic messaging systemof claim 17 further comprising message reformat software executing onthe message server for translating the message into a specified formatbefore routing to the at least one electronic mailbox.
 19. Theelectronic messaging system of claim 1 wherein the authentication andthe recipient identifier are received from the message sender via aprivate web page associated with the message recipient.
 20. Theelectronic messaging system of claim 19 wherein the authentication andthe recipient identifier are received from the message sender inresponse to a send message function being selected by the message senderon the private web page associated with the message recipient.
 21. Theelectronic messaging system of claim 1 wherein the message is receivedfrom the message sender via a private web page associated with themessage recipient.
 22. The electronic messaging system of claim 21wherein the message is received from the message sender in responseafter the message sender enters the text of the message on the privateweb page associated with the message recipient.
 23. The electronicmessaging system of claim 1 wherein the message is received from themessage sender via a non-public electronic mailbox address, wherebyprivacy of the message recipient is ensured.
 24. An electronic messagingsystem comprising: a message server available over a network; softwareexecuting on said message server for receiving from a message senderover the network a message, an authentication and a recipientidentifier; software executing on said message server for determining,based at least in part upon the authentication and the recipientidentifier whether the message sender is authorized to send a message toa message recipient identified by the recipient identifier; softwareexecuting on said message server for determining to which of one or moreelectronic mailboxes associated with the message recipient to route themessage; and software executing on said message server for routing themessage to the determined one or more of the electronic mailboxes overthe network.
 25. A method of routing electronic messages comprising thesteps of: providing a message server available over a network; storingmessage data accessible by the message server, the message datacomprising at least one name associated with a message recipient, a listof at least one electronic mailbox to which the message recipient hasaccess, an access list of senders authorized to send messages to themessage recipient, and messaging routing rules; receiving from a messagesender over the network an authentication and a recipient identifier;determining, based at least in part upon the message data, theauthentication and the recipient identifier whether the message senderis authorized to send a message to the message recipient; receiving amessage from the message sender over the network if the message senderis authorized to send a message to the message recipient; determining,based at least in part upon the message data, the authentication and therecipient identifier, to which of one or more of the at least oneelectronic mailbox to route the message; and routing the message, withthe message server, to the determined one or more of the at least oneelectronic mailbox over the network.
 26. The method of claim 25 furthercomprising the steps of: receiving the authentication over the network;determining, based at least in part upon the message data and theauthentication, a list of permitted recipient identifiers to which themessage sender is authorized to send messages; transmitting the list ofpermitted recipient names to which the message sender is authorized tosend messages over the network; and receiving a selection of therecipient name from the message sender over the network.
 27. The methodof claim 25 further comprising the steps of: determining, if the messagesender is authorized to send a message to the message recipient, whetherthere are any restrictions on the message sender based at least in partupon the message data, the authentication, and the recipient identifier;and transmitting a list of restrictions to the message sender over thenetwork.